Continuity management has long been tied to disaster planning and crisis response as fundamental to emergency planning but the reality is: If you’re just practicing business continuity to survive you’re never going to get much out of it.

The key to effective value creation from continuity management is a strategy that builds on how the day-to-day business is designed to create value. Today’s global market puts us all in crisis. Corporate directors are in jail. Cyber terrorists can easily hide across borders around world yet still access information kept locked away. States and countries declare bankruptcy. Instability is everywhere.
Businesses are so interdependent on one another that supply chain and technology are complex grey zones of value and accountability. The bottom line is the business needs to create value to survive. Maybe value means money, maybe it’s customer satisfaction or maybe it’s serving its nonprofit goal. Regardless, the creation of that value must be the crux of your resilience plans.

One of the most common misconceptions of business continuity planning is that it starts with a disaster and in a lucky world no one would need a plan. Luck favors the prepared. A business with a healthy continuity management program doesn’t just survive crisis; it thrives daily. The reality of the business world is that every day is more complex and risk loaded. In order to work toward corporate maturity and institutionalization of the systems that create value you have to structure and live your plan.

Every company should have thoughtful, thorough business continuity and disaster recovery plans like the ones offered by DCS Planning. Every company needs to invest in risk assessment and a business impact analyses — again, just like the services offered by DCS Planning.

For example, CoreXchange’s data centers are supported by state-of-the-art power systems featuring redundant 1.5 MQ generators and four 500-ton chillers. This nearly eliminates the possibility of electrical downtime and gives us tight control over the internal environment. We also leave no stone unturned when it comes to security: Our center includes perimeter fencing, 24/7staffed check-in station with mantrap, and internal and external video surveillance.

Colocation with CoreXchange along with a solid plan from DCS Planning can be the bedrock on which your company’s data security, viability and peace of mind rests.

Operational risk has eclipsed credit risk as national banks’ chief safety and soundness challenge, Comptroller of Currency Thomas Curry told the Exchequer Club in Washington, D.C., last week.

Operational risk – the risk of loss due to failures of people, processes, systems and external events – is “high and increasing,” Curry said. He cited flawed risk models, lack of adequate controls over third party vendors and anti-money laundering efficiencies as some examples of operational risk.

“[A]s banks and thrifts face greater resource constraints and higher compliance costs, they may feel greater pressure to economize on systems and processes in order to enhance their income and operating economies …,” Curry said. “All institutions … must resist the temptation to under-invest in the systems and controls they need to prevent greater risk and larger losses in the future.”

He emphasized the risk of operational failure is embedded in every activity and product – from a bank’s processing, accounting and information systems to the implementation of its credit risk management procedures.

“No issues look larger today than operational risk in all its dimensions, the manner in which all risks interact, and the importance of managing those risks in an integrated fashion across the entire enterprise,” Curry said. “These themes are a supervisory priority for us at the OCC today and they should similarly command the attention of the industry.”

It’s astonishing in it’s simplicity. The business often gets left out of disaster recovery and the resilience picture. Disaster recovery is the continuity of your information systems but you certainly can’t recreate your business with simply a server. That server has to live somewhere, it needs people to love and care for it and it needs a purpose. Your IT manager cannot determine your purpose. It must be held in the core vision of the organization. Your plan needs the core competencies of your organization – how you create value. This is the deliverable for the Business Impact Analysis process. Don’t leave yours out!